Keys are used for XML signature and encryption.
Important: There is an important
distinction between Version 5.x and
Version 6 and later applications. The information in this article
supports
Version 5.x applications only that are used with WebSphere® Application
Server Version 6.0.x and later. The information does not apply
to Version
6 and later applications.
There are two predominant kinds
of keys used in the current Web Services
Security implementation:
- Public key - such as Rivest Shamir
Adleman (RSA) encryption and Digital
Signature Algorithm (DSA) encryption
- Secret key - such as
Data Encryption Standard (DES) encryption
In public
key-based signature, a message is signed using the sender private
key and is verified using the sender public key. In public key-based
encryption,
a message is encrypted using the receiver public key and is decrypted
using
the receiver private key. In secret key-based signature and encryption,
the
same key is used by both parties.
While the current implementation
of Web Services Security can support both
kinds of keys, there are a few items to note:
- Secret key-based
signature is not supported.
- The format of the message differs
slightly between public key-based encryption
and secret key-based encryption.